Add additional tests

Reference: #580
This commit is contained in:
Gert-Jan Timmer 2018-06-01 11:28:29 +02:00
parent 0e289439a2
commit 90f966bed9
1 changed files with 141 additions and 16 deletions

View File

@ -9,7 +9,6 @@ package sqlite3
import ( import (
"database/sql" "database/sql"
"fmt"
"os" "os"
"testing" "testing"
) )
@ -37,14 +36,19 @@ func TestAuthCreateDatabase(t *testing.T) {
func TestAuthorization(t *testing.T) { func TestAuthorization(t *testing.T) {
tempFilename := TempFilename(t) tempFilename := TempFilename(t)
fmt.Println(tempFilename) defer os.Remove(tempFilename)
//defer os.Remove(tempFilename)
db, err := sql.Open("sqlite3", "file:"+tempFilename+"?_auth&_auth_user=admin&_auth_pass=admin") db, err := sql.Open("sqlite3", "file:"+tempFilename+"?_auth&_auth_user=admin&_auth_pass=admin")
if err != nil { if err != nil {
t.Fatal("Failed to open database:", err) t.Fatal("Failed to open database:", err)
} }
// Dummy Query to force connection
if _, err := db.Exec("SELECT 1;"); err != nil {
t.Fatalf("Failed to connect: %s", err)
}
// Add normal user to database
if _, err := db.Exec("select auth_user_add('user', 'user', false);"); err != nil { if _, err := db.Exec("select auth_user_add('user', 'user', false);"); err != nil {
t.Fatal(err) t.Fatal(err)
} }
@ -53,32 +57,153 @@ func TestAuthorization(t *testing.T) {
if err := db.QueryRow("select uname from sqlite_user where uname = 'user';").Scan(&uname); err != nil { if err := db.QueryRow("select uname from sqlite_user where uname = 'user';").Scan(&uname); err != nil {
t.Fatal(err) t.Fatal(err)
} }
if uname != "user" { if uname != "user" {
t.Fatal("Failed to create normal user") t.Fatal("Failed to create normal user")
} }
db.Close() db.Close()
// Re-Open Database as User // Re-Open Database as User
// Add User should now fail because we are not admin
db, err = sql.Open("sqlite3", "file:"+tempFilename+"?_auth_user=user&_auth_pass=user") db, err = sql.Open("sqlite3", "file:"+tempFilename+"?_auth_user=user&_auth_pass=user")
if err != nil { if err != nil {
t.Fatal("Failed to open database:", err) t.Fatal("Failed to open database:", err)
} }
defer db.Close() defer db.Close()
// Try to create normal user // Add User should now fail because we are not admin
var rv string var rv int
if err := db.QueryRow("select auth_user_add('user2', 'user2', false);").Scan(&rv); err != nil { if err := db.QueryRow("select auth_user_add('user2', 'user2', false);").Scan(&rv); err != nil || rv == 0 {
if err != nil {
t.Fatal(err) t.Fatal(err)
} }
fmt.Printf("RV: %v\n", rv) t.Fatal("Succeeded creating user, while not being admin, this is not supposed to work")
// if rv != SQLITE_AUTH { }
// t.Fatal("Succeeded creating user while not admin")
// } // Try to create admin user
// Should also fail because we are not admin
// // Try to create admin user if err := db.QueryRow("select auth_user_add('admin2', 'admin2', true);").Scan(&rv); err != nil || rv == 0 {
// if _, err := db.Exec("select auth_user_add('admin2', 'admin2', true);"); err != nil { if err != nil {
// t.Fatal(err) t.Fatal(err)
// } }
t.Fatal("Succeeded creating admin, while not being admin, this is not supposed to work")
}
}
func TestAuthorizationFailed(t *testing.T) {
tempFilename := TempFilename(t)
defer os.Remove(tempFilename)
db, err := sql.Open("sqlite3", "file:"+tempFilename+"?_auth&_auth_user=admin&_auth_pass=admin")
if err != nil {
t.Fatal("Failed to open database:", err)
}
// Dummy Query to force connection
if _, err := db.Exec("SELECT 1;"); err != nil {
t.Fatalf("Failed to connect: %s", err)
}
db.Close()
db, err = sql.Open("sqlite3", "file:"+tempFilename+"?_auth&_auth_user=admin&_auth_pass=invalid")
if err != nil {
t.Fatal("Failed to open database:", err)
}
defer db.Close()
// Dummy Query to issue connection
if _, err := db.Exec("SELECT 1;"); err != nil && err != ErrUnauthorized {
t.Fatalf("Failed to connect: %s", err)
}
}
func TestAuthUserModify(t *testing.T) {
tempFilename := TempFilename(t)
defer os.Remove(tempFilename)
var rv int
db, err := sql.Open("sqlite3", "file:"+tempFilename+"?_auth&_auth_user=admin&_auth_pass=admin")
if err != nil {
t.Fatal("Failed to open database:", err)
}
// Dummy Query to force connection
if _, err := db.Exec("SELECT 1;"); err != nil {
t.Fatalf("Failed to connect: %s", err)
}
if err := db.QueryRow("select auth_user_add('user', 'user', false);").Scan(&rv); err != nil || rv != 0 {
if err != nil {
t.Fatal(err)
}
t.Fatal("Failed to create normal user")
}
if err := db.QueryRow("select auth_user_change('admin', 'nimda', true);").Scan(&rv); err != nil || rv != 0 {
if err != nil {
t.Fatal(err)
}
t.Fatal("Failed to change password")
}
db.Close()
// Re-Connect with new credentials
db, err = sql.Open("sqlite3", "file:"+tempFilename+"?_auth_user=admin&_auth_pass=nimda")
if err != nil {
t.Fatal("Failed to open database:", err)
}
if err := db.QueryRow("select count(uname) from sqlite_user where uname = 'admin';").Scan(&rv); err != nil {
t.Fatal(err)
}
defer db.Close()
// Dummy Query to force connection to test authorization
if _, err := db.Exec("SELECT 1;"); err != nil && err != ErrUnauthorized {
t.Fatalf("Failed to connect: %s", err)
}
}
func TestAuthUserDelete(t *testing.T) {
tempFilename := TempFilename(t)
defer os.Remove(tempFilename)
var rv int
db, err := sql.Open("sqlite3", "file:"+tempFilename+"?_auth&_auth_user=admin&_auth_pass=admin")
if err != nil {
t.Fatal("Failed to open database:", err)
}
defer db.Close()
// Dummy Query to force connection to test authorization
if _, err := db.Exec("SELECT 1;"); err != nil {
t.Fatalf("Failed to connect: %s", err)
}
// Add User
if _, err := db.Exec("select auth_user_add('user', 'user', false);"); err != nil {
t.Fatal(err)
}
// Verify, their should be now 2 users
var users int
if err := db.QueryRow("select count(uname) from sqlite_user;").Scan(&users); err != nil {
t.Fatal(err)
}
if users != 2 {
t.Fatal("Failed to add user")
}
// Delete User
if _, err := db.Exec("select auth_user_delete('user');"); err != nil {
t.Fatal(err)
}
// Verify their should now only be 1 user remaining, the current logged in admin user
if err := db.QueryRow("select count(uname) from sqlite_user;").Scan(&users); err != nil {
t.Fatal(err)
}
if users != 1 {
t.Fatal("Failed to delete user")
}
} }